Thawte Code Sign

Easy online distribution has made it possible for developers to create fun and functional code, anywhere and everywhere. However, the potential for fraud and the spread of malicious code has increased as well. With a Thawte® Code Signing Certificate, your code will be as safe and trustworthy to customers as shrink-wrapped software from a store shelf.

Code Signing Certificates frequently use digital signatures to verify identify of the content’s creator, as well as confirming that the content has not been tampered with since it was originally distributed. With the rapid growth of content distribution thanks to the Internet, code signing is absolutely critical for securing the delivery of content to the consumer. Code Signing Certificates with digital signatures allow publishes to sign .exe, .cab, .dll, and .ocx files; Java Applets and MIDlets; Microsoft Office documents with macros; and Apple desktop applications.

With code signing from Thawte, you can assure users that your code and content is safe to download, and protect your most valuable business asset: your reputation. Code signing authenticates the code’s source and confirms the integrity of content distributed online. Thawte® Code Signing Certificate for Microsoft® Authenticode® (Multi-Purpose) offers maximum flexibility with a single certificate to sign code developed on multiple platforms.

To obtain a certificate from Thawte, a software publisher must meet the criteria for either a commercial or an individual publishing certificate and submit these credentials to either a CA or a local registration authority (LRA). The criteria discussed below have been proposed by Microsoft. Note that standards bodies, such as the World Wide Web Consortium (W3C), are reviewing these criteria and they are subject to change. A description of the overall process of obtaining a certificate for code signing ends this section of the document.

Thawte does not certify the content of a software publisher’s code. Code signing certificates are only used to verify the publisher who signed the content and that the content has not been altered or corrupted.

HOW CODE SIGN SSL WORKS?Thawte Code Signing Certificates create a unique digital signature with identification information about the publisher of the code and proof of the code’s integrity. Microsoft applications such as Internet Explorer®, Exchange, Outlook® and Outlook® Express have security features to check for a digital signature and recommend whether or not code should be trusted.

When a user encounters unsigned executables, a security warning pops up or content fails to load, depending on the user’s security settings.

When a signed executable is encountered, a pop-up notification shows the verified identity of the publisher and the user decides whether or not to trust the code. By clicking “More Info”, the user can inspect the certificate.